From f24eb27bef4ecbb9b7d1702d9a10fcdba913300c Mon Sep 17 00:00:00 2001 From: Salar Rahmanian Date: Sat, 17 Feb 2024 09:37:00 -0800 Subject: [PATCH 1/2] cors and security fixes --- config.toml | 2 +- static/_headers | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 static/_headers diff --git a/config.toml b/config.toml index 401f6f3..ad22981 100644 --- a/config.toml +++ b/config.toml @@ -197,7 +197,7 @@ copyright = "© $CURRENT_YEAR $AUTHOR $SEPARATOR Unless otherwise noted, the con allowed_domains = [ { directive = "font-src", domains = ["'self'", "data:"] }, { directive = "img-src", domains = ["'self'", "https://*", "data:"] }, - { directive = "script-src", domains = ["'self'", "https://comments.softinio.com/js/embed.min.js"] }, + { directive = "script-src", domains = ["'self'", "https://comments.softinio.com/js/embed.min.js", "https://static.cloudflareinsights.com/beacon.min.js"] }, { directive = "style-src", domains = ["'self'"] }, { directive = "frame-src", domains = ["player.vimeo.com", "https://www.youtube-nocookie.com", "https://watch.softinio.com", "https://notes.softinio.com/embed"] }, ] diff --git a/static/_headers b/static/_headers new file mode 100644 index 0000000..063c000 --- /dev/null +++ b/static/_headers @@ -0,0 +1,5 @@ +https://comments.softinio.com + Access-Control-Allow-Origin: https://comments.softinio.com +https://www.softinio.com + Access-Control-Allow-Origin: https://www.softinio.com + -- 2.46.1 From af4afc4f739a2659069b35709eebd4ac10591a31 Mon Sep 17 00:00:00 2001 From: Salar Rahmanian Date: Sat, 17 Feb 2024 10:23:30 -0800 Subject: [PATCH 2/2] Cors and preview environment updates --- .woodpecker.yml | 6 ++++-- config.toml | 2 +- flake.nix | 2 +- static/_headers | 6 ++---- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index a713eef..a5c6981 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -3,13 +3,15 @@ steps: image: nixos/nix commands: - echo 'experimental-features = flakes nix-command' >> /etc/nix/nix.conf + - nix profile install nixpkgs#gnused --impure + - sed -i "s|base_url = \"https://www.softinio.com\"|base_url = \"https://$CI_COMMIT_BRANCH.softinio.com\"|" ./config.toml - nix build - nix flake show - ls result - - nix develop --command wrangler pages deploy result --branch=$CI_COMMIT_SOURCE_BRANCH --project-name=softinio --commit-dirty=true + - nix develop --command wrangler pages deploy result --branch=$CI_COMMIT_BRANCH --project-name=softinio --commit-dirty=true secrets: [ cloudflare_account_id, cloudflare_api_token ] when: - event: [push, pull_request] + event: [push] branch: exclude: [ main ] diff --git a/config.toml b/config.toml index ad22981..7626d44 100644 --- a/config.toml +++ b/config.toml @@ -197,7 +197,7 @@ copyright = "© $CURRENT_YEAR $AUTHOR $SEPARATOR Unless otherwise noted, the con allowed_domains = [ { directive = "font-src", domains = ["'self'", "data:"] }, { directive = "img-src", domains = ["'self'", "https://*", "data:"] }, - { directive = "script-src", domains = ["'self'", "https://comments.softinio.com/js/embed.min.js", "https://static.cloudflareinsights.com/beacon.min.js"] }, + { directive = "script-src", domains = ["'self'", "https://comments.softinio.com/js/embed.min.js", "https://static.cloudflareinsights.com"] }, { directive = "style-src", domains = ["'self'"] }, { directive = "frame-src", domains = ["player.vimeo.com", "https://www.youtube-nocookie.com", "https://watch.softinio.com", "https://notes.softinio.com/embed"] }, ] diff --git a/flake.nix b/flake.nix index f68a449..2832b3d 100644 --- a/flake.nix +++ b/flake.nix @@ -31,7 +31,7 @@ ln -snf "${theme}" "themes/${themeName}" ''; buildPhase = '' - zola build + zola build -f ''; installPhase = '' mkdir -p $out diff --git a/static/_headers b/static/_headers index 063c000..1e14ac6 100644 --- a/static/_headers +++ b/static/_headers @@ -1,5 +1,3 @@ -https://comments.softinio.com - Access-Control-Allow-Origin: https://comments.softinio.com -https://www.softinio.com - Access-Control-Allow-Origin: https://www.softinio.com +/* + Access-Control-Allow-Origin: https://www.softinio.com https://comments.softinio.com https://*.softinio.pages.dev -- 2.46.1